package com.shanwen.select.config;


import com.shanwen.select.entity.AdminUser;
import com.shanwen.select.entity.Menu;
import com.shanwen.select.service.MenuService;
import com.shanwen.select.service.AdminUserService;

import com.shanwen.select.utils.TreeUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

/**
 * @author 刘栋
 * @ClassName: MyRealm
 * @Description: TODO shiro权限管理的自定义范围
 * @date 2019年3月8日 上午10:58:24
 */
public class MyRealm extends AuthorizingRealm {

    @Autowired
    AdminUserService userService;
    @Autowired
    MenuService menuService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        System.out.println("AuthorizationInfo方法-----------");
        System.out.println(principals);
        AdminUser user = (AdminUser) principals.asList().get(0);
        System.out.println("AuthorizationInfo" + user.toString());

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        List<String> permissions = menuService.getPermissions(user);

        info.addStringPermissions(permissions);

        if (user.getAdminName().equals("admin")) {
            info.addRole("admin");
        }
        return info;
    }

    SimpleAuthorizationInfo getInfo(SimpleAuthorizationInfo info, List<Menu> menus) {
        for (Menu menu : menus) {
            if (menu.getAuthorityKey() != null && !menu.getAuthorityKey().isEmpty()) {
                info.addStringPermission(menu.getAuthorityKey());
            }
            if (menu.getChildren() != null && menu.getChildren().size() > 0) {
                getInfo(info, menu.getChildren());
            }
        }
        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
            throws AuthenticationException {
        // 获取基于用户名和密码的令牌
        // 实际上这个authcToken是从LoginController里面currentUser.login(token)传过来的
        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
        String account = token.getUsername();
        AdminUser user = new AdminUser();
        user.setAdminName(account);
        if (account != null) {
            user = userService.getList(user).get(0);

        }
        ;// 根据登陆名account从库中查询user对象

        System.out.println("当前登录用户为" + user.toString());
        if (user == null) {
            throw new AuthenticationException("用户不存在或者被禁用");
        }
        // 进行认证，将正确数据给shiro处理
        // 密码不用自己比对，AuthenticationInfo认证信息对象，一个接口，new他的实现类对象SimpleAuthenticationInfo
        /*
         * 第一个参数随便放，可以放user对象，程序可在任意位置获取 放入的对象 第二个参数必须放密码， 第三个参数放
         * 当前realm的名字，因为可能有多个realm
         */
        AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(user, user.getPassword(), this.getName());

        // 清之前的授权信息
        super.clearCachedAuthorizationInfo(authcInfo.getPrincipals());
        List<Menu> menuList = menuService.getRoleMenuList(user.getRole().getId());
        menuList = TreeUtils.bulidTree(menuList);

        SecurityUtils.getSubject().getSession().setAttribute("menuList", menuList);
        SecurityUtils.getSubject().getSession().removeAttribute("adminUser");
        SecurityUtils.getSubject().getSession().setAttribute("adminUser", user);
        SecurityUtils.getSubject().getSession().setTimeout(3600000);
        return authcInfo;// 返回给安全管理器，securityManager，由securityManager比对数据库查询出的密码和页面提交的密码

    }

}
